10 matches found

NVD
added 3 days ago | 8 views

CVE-2026-13165

SzafirHost verifies the downloaded native library archive with one JarFile parser reading the Central Directory but extracts native libraries with JarInputStream parser reading sequentially from local file headers. An attacker who controls the served archive can insert a malicious DLL/SO/DYLIB as...

CVSS 8.6 | EPSS 0.00418
Exploits: 0 | References: 2

EUVD
added 3 days ago | 6 views

EUVD-2026-40078

SzafirHost verifies the downloaded native library archive with one JarFile parser reading the Central Directory but extracts native libraries with JarInputStream parser reading sequentially from local file headers. An attacker who controls the served archive can insert a malicious DLL/SO/DYLIB as...

CVSS 8.6 | AI score 6 | EPSS 0.00418
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:07 p.m. | 5 views

EUVD-2025-0023

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 6.3 | EPSS 0.00696
Exploits: 0 | References: 7

SUSE CVE
added 2025/01/10 12:23 a.m. | 2 views

SUSE CVE-2024-56514

Karmada is a Kubernetes management system that allows users to run cloud-native applications across multiple Kubernetes clusters and clouds. Prior to version 1.12.0, both in karmadactl and karmada-operator, it is possible to supply a filesystem path, or an HTTPs URL to retrieve the custom resourc...

CVSS 5.3 | AI score 7 | EPSS 0.00696
Exploits: 0 | References: 4

Cvelist
added 2025/01/03 4:15 p.m. | 45 views

CVE-2024-56514 Karmada Tar Slips in CRDs archive extraction

Karmada is a Kubernetes management system that allows users to run cloud-native applications across multiple Kubernetes clusters and clouds. Prior to version 1.12.0, both in karmadactl and karmada-operator, it is possible to supply a filesystem path, or an HTTPs URL to retrieve the custom resourc...

CVSS 5.3 | EPSS 0.00696
Exploits: 0 | References: 5

SUSE CVE
added 2023/09/01 2:08 a.m. | 3 views

SUSE CVE-2023-36811

borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an...

CVSS 4.7 | AI score 6.9 | EPSS 0.00106
Exploits: 0 | References: 3

OSV
added 2023/08/30 6:15 p.m. | 1 view

UBUNTU-CVE-2023-36811

borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an...

CVSS 4.7 | AI score 5.7 | EPSS 0.00106
Exploits: 0 | References: 16

RedHat Linux
added 2016/11/07 1:27 p.m. | 5 views

OpenJDK: missing algorithm restrictions for jar verification (Libraries, 8155973)

It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for JAR integrity verification. This flaw could allow an attacker to modify content of the JAR file that used weak signing key or hash algorithm...

CVSS 4.3 | AI score 7.3 | EPSS 0.02793
Exploits: 0 | References: 5

RedHat Linux
added 2016/11/07 9:05 a.m. | 5 views

OpenJDK: missing algorithm restrictions for jar verification (Libraries, 8155973)

It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for JAR integrity verification. This flaw could allow an attacker to modify content of the JAR file that used weak signing key or hash algorithm...

CVSS 4.3 | AI score 7.3 | EPSS 0.02793
Exploits: 0 | References: 5

Debian
added 2003/11/21 4:46 p.m. | 6 views

[SECURITY] Some Debian Project machines have been compromised

Debian Security Advisory http://www.debian.org/security/ Some Debian Project machines compromised [email protected] November 21st, 2003 [email protected] ...

AI score 0.2
Exploits: 0